Switching

IMPORTANT MODERATION NOTICE

This community is currently under full moderation, meaning  all posts will be reviewed before appearing in the community. Please expect a brief delay—there is no need to post multiple times. If your post is rejected, you'll receive an email outlining the reason(s). We've implemented full moderation to control spam. Thank you for your patience and participation.



Expand all | Collapse all

Please share horror stories on port flapping

  • 1.  Please share horror stories on port flapping

    Posted 25 days ago

    I am faced with Junipers at customer,s locations  who indicate port flapping.

     

    Without going into details on my setup, I would appreciate reading from useras about various flapping problems they encountered and how they solved them.

    Basically, customer,s equipement is connected to Juniper 0 and Juniper 11 goes to the network provider.

     

    Mon Aug 23 19:00:42 2021 vlan_name QinQ-MRCRN-3913 mac 00:00:0a:9b:37:13 was moved from ge-0/0/11.3913 to ge-0/0/0.3913 with flags: 0x2101f

    Mon Aug 23 19:00:46 2021 vlan_name QinQ-MRCRN-3913 mac 44:37:e6:e6:e1:f8 was moved from ge-0/0/11.3913 to ge-0/0/0.3913 with flags: 0x2101f

    Mon Aug 23 19:00:49 2021 vlan_name QinQ-MRCRN-3913 mac 44:37:e6:aa:1c:1f was moved from ge-0/0/11.3913 to ge-0/0/0.3913 with flags: 0x2101f

    Mon Aug 23 19:00:50 2021 vlan_name QinQ-MRCRN-3913 mac 00:50:56:a1:7d:c6 was moved from ge-0/0/11.3913 to ge-0/0/0.3913 with flags: 0x2101f

    Mon Aug 23 19:00:50 2021 vlan_name QinQ-MRCRN-3913 mac 00:11:0a:f7:4c:6b was moved from ge-0/0/11.3913 to ge-0/0/0.3913 with flags: 0x2101f

    Mon Aug 23 19:00:50 2021 vlan_name QinQ-MRCRN-3913 mac 00:11:0a:c1:bd:c2 was moved from ge-0/0/11.3913 to ge-0/0/0.3913 with flags: 0x2101f

    Mon Aug 23 19:01:14 2021 vlan_name QinQ-MRCRN-3913 mac 00:50:56:a1:35:c7 was moved from ge-0/0/11.3913 to ge-0/0/0.3913 with flags: 0x2101f

    Mon Aug 23 19:01:17 2021 vlan_name QinQ-MRCRN-3913 mac 88:04:09:18:39:6a was moved from ge-0/0/11.3913 to ge-0/0/0.3913 with flags: 0x2101f

    Mon Aug 23 19:01:20 2021 vlan_name QinQ-MRCRN-3913 mac 20:c6:eb:6a:c7:da was moved from ge-0/0/11.3913 to ge-0/0/0.3913 with flags: 0x2101f

     

    __________________________________________

    Michel Lapointe

    Projet GIRAT 2.0

    Michel.lapointe@girat.org

    Cell : (819) 279-0844

     

    GIRAT     http://www.girat.org

    (Gestion de l'inforoute régionale de l'Abitibi-Témiscamingue)

    Girat_Image30x116

     

     



  • 2.  RE: Please share horror stories on port flapping

     
    Posted 25 days ago
    Looks like a layer two loop with the mac moving between two ports because of the loop without a proper spanning tree configuration in place.

    When you say both are connected to a provider, does that mean you have two ports in an eLAN service connected here?  If so, remember that metro ethernet services do not run spanning tree so you need to insure that loop prevention is accounted for in your layer 2 connectivity design with the eLAN service.

    ------------------------------
    Steve Puluka BSEET - Juniper Ambassador
    IP Architect - DQE Communications Pittsburgh, PA (Metro Ethernet & ISP)
    http://puluka.com/home
    ------------------------------



  • 3.  RE: Please share horror stories on port flapping

    Posted 24 days ago

    Thank you Steve for the quick answer.

     

    Problem is being traced back to a single switch port on which a faulty device may have been connected. More on this later today.

    Hopefully, I'll be able to find exactly how this was created to duplicate it in lab.

    I'll keep the post update and send later as basic schematic of the setup.

     

    In the meantime, I have a follow-up question.

     

    Mon Aug 23 19:00:42 2021 vlan_name QinQ-MRCRN-3913 mac 00:00:0a:9b:37:13 was moved from ge-0/0/11.3913 to ge-0/0/0.3913 with flags: 0x2101f

     

    Issuing the command " show Ethernet-table mac-learning-log | match move"  is becoming my way to see if a I have a switch flapping. But I have 3 problems

    1)     I have to issue the command.

    a.      I would appreciate a sflow or snmp trap or whatever warning me that a port moving just occurred.

    b.      Iby the way, I am using Junos Space and Network Director, though I am not a power user.

    2)     I can't seem to find log on the switch of these "move." I looked at the log message files to no avail.

    a.      There must be a trace womewhere of what happened ?

    3)     The time displayed does not seems to match the actual time the event occurred.  

    a.      Still have to check on other switches, but this seems real odd.

    b.       

    I'd like to read your thoughts on these issues.  I also may open a ticket  with Junniper for further inquiries.

     

    thanks

     

    __________________________________________

    Michel Lapointe

    Projet GIRAT 2.0

    Michel.lapointe@girat.org

    Cell : (819) 279-0844

     

    GIRAT     http://www.girat.org

    (Gestion de l'inforoute régionale de l'Abitibi-Témiscamingue)

    Girat_Image30x116

     

     






  • 4.  RE: Please share horror stories on port flapping

     
    Posted 23 days ago
    Well, the reason there is no trap for mac moves is they are expected and normal in a lot of circumstances.  The reason we have redundant connections is so that mac addresses can move from one interface to another during failure scenarios.

    Loop prevention techniques are implemented then at the edge ports that face customers who may do the types of things you saw looping two ports.   So enabling storm control and bpdu guard there can prevent user activity.

    On the vpls side the configuration to detect frequent mac moves is here.  But the better place is to stop the activity at the source of the problem.

    https://www.juniper.net/documentation/us/en/software/junos/vpn-l2/topics/topic-map/example-configuring-loop-prevention-in-vpls-network-due-to-mac-moves.html

    ------------------------------
    Steve Puluka BSEET - Juniper Ambassador
    IP Architect - DQE Communications Pittsburgh, PA (Metro Ethernet & ISP)
    http://puluka.com/home
    ------------------------------



  • 5.  RE: Please share horror stories on port flapping

    Posted 23 days ago

    Latest update,

    Loop was caused by employee pluggin 2 network cables lying around into the 2 rj45 connectors of an ipphone thereby creating a loop between 2 data vlan and phone vlan.

     

    __________________________________________

    Michel Lapointe

    Projet GIRAT 2.0

    Michel.lapointe@girat.org

    Cell : (819) 279-0844

     

    GIRAT     http://www.girat.org

    (Gestion de l'inforoute régionale de l'Abitibi-Témiscamingue)

    Girat_Image30x116

     

     






  • 6.  RE: Please share horror stories on port flapping

    Posted 23 days ago
    Wow! : )

    Elvin